Tech of All Trades

IT professionals in a small- to medium-sized business (SMB) environment are faced with a tough task in their work: to understand a variety of topics, yet also be a specialist when a crisis occurs. It takes a unique professional confidence (or insanity) to be solely in charge of an IT department in a world where businesses rely on IT professionals more and more every day. Being in these challenging circumstances requires a tech of all trades.

Regardless of their exact career direction and various backgrounds, IT professionals should acquire certain jack-of-all-trades-type certifications if they are the IT point man of an SMB. Through experts, surveys and IT professionals working on the ground level, it’s clear being an IT jack-of-all-trades goes beyond just certifications — there are a host of processes and practices that can consistently help a one-man IT operation. However, it all has to start somewhere, and certifications are a sure way to instant credibility.

John Estes, vice president of Robert Half Technology, a global IT staffing firm, agreed.

“If you’re a one-man or one-woman operation, you’re mainly going to be dealing with support and infrastructure,” Estes said. “You’re not going to be creating a lot of applications and that sort of thing, so certainly you’re going to be supporting users that need help [with] everything from ‘I forgot my password’ to ‘I locked up this Word document,’ so basic PC troubleshooting is certainly good. What’s going to come into play is the A+ certification. That’s someone who can go in and fix PC issues, fix printer issues, etc.

CompTIA’s A+ certification is a vendor-neutral certification measuring computer technicians’ competency, and it is updated quite often. More than 800,000 professionals have earned the certification to date. It’s often the first certification attained by those with budding IT careers. Even though A+ has a reputation for being a gateway or beginner certification it represents an essential step in learning the line of thinking and holistic approach to run an IT system — in terms of both hardware and software.

Whether a company is an SMB or a Fortune 500, it’s run on a network. In the case of the former, it’s a core competency for a lone IT professional to be able to troubleshoot a network. For this reason, Estes sees network certifications as another useful certification for a person in this position.

“Certainly with any type of network at all, and the majority of SMBs are Microsoft based, [you would want] something along the lines of a Windows network administrator, and the certification that would come along with that would be the Microsoft Certified Systems Administrator, or MCSA,” Estes said. “Then, of course, you’ve got other kinds of shops; maybe they want to go the Linux route or the UNIX route. If you’re talking about the network side, the Linux Red Hat certification is very hot.”

Beyond basic server and system maintenance, the next step for someone with a large IT role in an SMB is going to be based on the company they’re working for. An insurance office is going to have different needs than an advertising agency, yet if both use emerging technology, it’s a bonus if their IT professional has some experience in it. Estes said this is especially true of the latest communication technology.

“We’re seeing a large number of wireless installations nowadays; it’s gone from just the traditional cell phone support to full-scale PDAs,” he said. “Whether it’s a BlackBerry or an iPhone, more and more people are trying to put everything on one device. That causes security and bandwidth issues. So, the certification that’s probably going to be receiving a lot of attention is the Certified Wireless Networking Professional.”

Security issues become more pervasive as a workforce relies on fewer devices, where one lapse in judgment can cause a major disruption. This is enough of an issue that in a recent survey of 256 IT professionals, 73 percent said they were very concerned they would lose their jobs in the event of a security breach, and more than half of the respondents were from medium-sized companies.

The survey was commissioned by KACE, a systems appliance company specializing in desktops, laptops and servers. KACE CEO Rob Meinhardt said the company was initially interested in how SMBs go about security and systems management to develop automated technology. Meinhardt believes automating and consolidating processes will make SMB IT professionals’ lives easier. In performing the survey, Meinhardt discovered the magnitude of responsibility and worries of an SMB jack-of-all-trades.

“The solo IT director is not only the first line of defense, but also the last line of defense,” he said. “In other words, unlike large companies, there aren’t very many resources [in an SMB] and it doesn’t have specialists in specific areas. So as IT generalists, they’re quite vulnerable. These are individuals who have to manage the whole end-to-end IT operation; they need as much support as they can get.”

The findings of the survey back up Meinhardt’s conclusion. Sixty-two percent of those accountable for IT security report that the responsibility affects them in a personal way by causing them to worry about security issues outside working hours and give up personal time to deal with them.

The issues IT pros are concerned with are not the ones most seen as threatening, either. Most IT organizations — 87 percent — are confident in their ability to deal with viruses, spam and spyware, but a minority — 35 percent — feel they are equipped to deal with lost corporate or personal data, which impact the bottom line the most.

Adding to the stress is that midmarket IT organizations reported an average of six disparate user interfaces in use for systems and security management. This creates challenges in learning and using security tools effectively. When IT pros are juggling so many different tools, it means they’ll spend less time on more substantive security issues.

For some of the more familiar tools, such as the pop-up or spyware blocker, managing more than one isn’t a big deal. But when more advanced security issues must be dealt with, the unfamiliarity can paralyze some into ignoring them. This is where the value of the survey comes into play for Meinhardt: While it illuminates certain shortcomings of the one-man IT pro, it creates developmental ideas for KACE.

“A lot of it comes down to automation,” he said. “One interesting insight from the survey was we asked what types of things [respondents were] doing to protect themselves. We asked a number of different angles on that and saw some pretty divergent views. Obviously, almost everyone has anti-virus, but when you get into other important aspects of security management, the percentage of people actually employing those best practices are much lower.”

Participants in the survey were asked specifically if other important aspects, such as anti-virus software and firewalls, were a constant presence among midmarket respondents. Automated desktop configuration was reported for only half of the security strategies of participants, while only a third said they used end-node vulnerability scanning. Meinhardt’s goal is to eventually consolidate these complicated, hence ignored tasks to ease the fears of IT pros forced to make compromised decisions.

While the opinions of presidents and executives are valid to show what specific certifications and training they’ll look for in a jack-of-all-trades position, these opinions can’t give the street-level perspective of what it’s like to be in that position.

Jeff Walker runs Drum Communications. He and one other IT professional travel constantly all over their area to do consulting for small businesses on a host of IT issues. He is judge, jury and IT executioner of many small businesses, a task that requires what has become one of the modern pillars of the industry: outsourcing.

“We’re living in the small business world, and small businesses run on Microsoft, so you’re definitely dealing with a Microsoft Certified Professional as far as certifications go,” Walker said. “The name of the game, however, is to be certified in the core needs and then outsource the other services that are not.”

According to Walker, it can be beneficial to go beyond the basic certifications and qualifications to run IT for a small business. Walker comes from a business-based perspective, where he can’t quit his job for a few months a year to attain the certifications that might help him with his clients. Even a small business goes through technological advances at a rate that can make even the most advanced IT pro’s head spin.

“The key to it is to understand that with technology you are definitely not going to be able to do it all. It is too much and it changes too rapidly,” Walker said. “The thing you want to do is [establish] partnerships that enable you to [be proficient] in areas where you don’t have that expertise, but you’ll be able to provide a service by utilizing partnerships that you create. A big example is phone systems; they now have become part of your data network via voice over IP. What do you do? You align yourself with the players in that industry. You reach out and utilize their expertise and their workforce to help you have a bigger workforce as well.”

In baseball terms, Walker would be a player-manager, someone who not only runs the logistics of a team but bats for them as well. The less he has to think and spend time on his managerial duties, the more he can concentrate on batting and making an immediate impact. This is another way Walker stays up to the task of being a jack-of-all-trades IT pro with a number of different small businesses.

“With managed services now, it really makes a two-man IT operation able to compete more in the market,” he said. “Because now you are able to do more remote work and monitor the different networks that you may be supporting. [This] cuts down on a lot of the time on the road, and that’s a beautiful thing right there. Managed services is definitely going to be the standard; it cuts down on a lot of problems.”

There’s really no one way to be a definitive jack-of-all-trades IT professional. Attempting to attain every certification that one could use is impractical, as is trying to outsource them all as well. The key is finding a balance between the must-have certifications, yet also having one or two to make you desirable, or possibly indispensable. The latter aspect is something that really depends on who the client is and what their needs are. While pursuing opportunities, if the business requires security and you have experience or training in that, make it known.

Estes, Meinhardt and Walker, while coming from different backgrounds, all can agree that consolidation and having extra assets in key areas play a big role in the overall picture. Too many tools and too many processes or programs just add confusion and distract from the basic needs IT pros should be paying attention to, such as security or maintenance.

Estes, conscious of the fact that more will always be wanted out of an IT person in this position, suggested having one or more supplementary certifications. Walker agreed, but his jack-of-all-trades consultant business model dictates him working with outsourced partners, since it doesn’t make much business sense to spend time getting certified in something that is likely to quickly change.

All three have their own perspective and situation, but Meinhardt summed it up best when recalling the findings of his survey.

“A lot of these companies are looking for ways an individual can provide the basic troubleshooting, network and security needs for the peace of mind that their companies expect.”